Skip to main content

Nplatform

5 CVEs product

Monthly

CVE-2025-64124 HIGH This Week

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows OS Command Injection.This issue affects Multi-Stack Controller (MSC): before 2.5.1. [CVSS 8.8 HIGH]

Command Injection Nplatform
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-64123 CRITICAL Act Now

Nuvation Energy MSC through 2.5.1 can be used as an unintended network proxy to bridge security boundaries. An attacker can leverage the controller to access networks that should be isolated, turning the battery controller into a pivot point.

Information Disclosure Nplatform
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-64122 MEDIUM This Month

Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows Signature Spoofing by Key Theft.This issue affects Multi-Stack Controller (MSC): through 2.5.1. [CVSS 5.5 MEDIUM]

Authentication Bypass Nplatform
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-64121 CRITICAL Act Now

Nuvation Energy Multi-Stack Controller (MSC) for battery storage systems allows authentication bypass through an alternate channel, enabling unauthenticated attackers to access critical energy management functions. Affects versions 2.3.8 to 2.5.1.

Authentication Bypass Nplatform
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-64120 HIGH This Week

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows OS Command Injection.This issue affects Multi-Stack Controller (MSC): from 2.3.8 before 2.5.1. [CVSS 8.8 HIGH]

Command Injection Nplatform
NVD
CVSS 3.1
8.8
EPSS
0.3%
EPSS 0% CVSS 8.8
HIGH This Week

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows OS Command Injection.This issue affects Multi-Stack Controller (MSC): before 2.5.1. [CVSS 8.8 HIGH]

Command Injection Nplatform
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Nuvation Energy MSC through 2.5.1 can be used as an unintended network proxy to bridge security boundaries. An attacker can leverage the controller to access networks that should be isolated, turning the battery controller into a pivot point.

Information Disclosure Nplatform
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows Signature Spoofing by Key Theft.This issue affects Multi-Stack Controller (MSC): through 2.5.1. [CVSS 5.5 MEDIUM]

Authentication Bypass Nplatform
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Nuvation Energy Multi-Stack Controller (MSC) for battery storage systems allows authentication bypass through an alternate channel, enabling unauthenticated attackers to access critical energy management functions. Affects versions 2.3.8 to 2.5.1.

Authentication Bypass Nplatform
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows OS Command Injection.This issue affects Multi-Stack Controller (MSC): from 2.3.8 before 2.5.1. [CVSS 8.8 HIGH]

Command Injection Nplatform
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy